1. Field of the Invention
The invention relates to telecommunications systems and more particularly to securing data flow in Internet multicasting.
2. Description of Related Art
Many emerging Internet applications involve one-to-many or many-to-many communications, where one or multiple sources are sending to multiple receivers. Examples are the transmission of corporate messages to employees, communication of stock quotes to brokers, video and audio conferencing for remote meetings and telecommuting, and replicating databases and web site information. IP Multicast efficiently supports this type of transmission by enabling sources to send a single copy of a message to multiple recipients who explicitly want to receive the information. This is far more efficient than requiring the source to send an individual copy of the message to each requester (referred to as point-to-point unicast), in which case the number of receivers is limited by the bandwidth available to the sender. It is also more efficient than broadcasting one copy of the message to all nodes on the network (broadcast), since many nodes may not want the message, and because broadcasts are limited to a single subnet.
IP Multicasting is a receiver-based concept: a receiver joins a particular multicast session group and traffic is delivered to all members of that group by the network infrastructure. The sender does not need to maintain a list of receivers. Only one copy of a multicast message will pass over any link in the network, and copies of the message will be made only where paths diverge at a router. Thus multicast yields many performance improvements and conserves bandwidth end-to-end.
IP Multicasting is described in more detail in two documents published by the IP Multicast Initiative. The first is entitled "How IP Multicast Works" and the second is entitled "Introduction to IP Multicast Routing". These documents are attached to the specification as Appendixes A and B, respectively. These documents are hereby incorporated by reference into the specification in their entirety.
A related approach to multicast security using encryption of datastreams is known in which a sender encrypts outgoing information for decryption at a receiver. This is commonly done using public key encryption techniques.
The Problems
IP Multicasting is based on a simple design: the sender simply sends the data to a multicast group address and the network automatically sends the data to everyone who expressed interest in receiving data on that multicast address. A significant problem is that this arrangement does not provide any security to data flow, that is, everyone can listen to a multicast session and everyone can send data to multicast sessions. As a result, there is no such thing as secure data flow in Internet multicasting sessions in the prior art. Further, since anyone can send to a multicast session, the potential for disruption by an interloper is significant.
Various aspects of the invention discussed herein provide apparatus, systems, processes, and computer program products for securing data flow in Internet Multicasting. This is done by splitting the multicast address space into two components, one for public multicast and one for private multicast. A public key of a public/private pair is installed on a domain name server or on a certification authority and is associated with the multicast address. A user, desiring to join a private multicast, provides certain information which is encrypted using the private key of the public/private key pair. Routing functions are typically performed by a switch at a node of a switching network or by a router in the network or by a computer which has a plurality of communications interfaces. As used herein, the term "routing element" applies to all. A routing element receives a join request, obtains the public key and compares some non-encrypted information with decrypted information for consistency. The routing element also performs certain other checks on the join request received. Only when the routing element is satisfied that the join request received is authentic does the routing element permit the join and forward the join request to the next routing element on the way to the source. Techniques are also provided for source-group specific joins and leaves which permit one to specify senders authorized to send to a receiver and to prevent unauthorized senders from sending data to the receiver.
One embodiment of the invention is directed to a routing element for routing multicast information. The routing element obtains a public key with which to decode part of a multicast join request to verify that a user is authorized to join a private multicast.
Another embodiment of the invention is directed to apparatus for participating in a multicast including a processor configured to send a private multicast join request.
Another embodiment of the invention is directed to a domain name server which stores records relating a multicast network address or alias with a public key of a public/private key encryption pair and which sends, in response to a network address or alias received over a communications port, a public key corresponding to that address or alias.
Another embodiment of the invention is directed to a communications system for multicasting information from at least one source to a plurality of receivers, including a plurality of sub-networks and at least one router, connecting at least two sub-networks, configured to distinguish between public and private multicasts.
Another embodiment of the invention relates to a method of operating a communications system by providing a multicast address space having a subspace for public multicasts and a subspace for private multicasts.
Another embodiment of the invention relates to a method of sending a multicast join request, by sending first information including a user identification and an optional random key together with an encrypted version of said first information.
Another embodiment of the invention relates to a method of sending a multicast join request from a user by sending a list of bit-masks specifying at least one of a group of senders permitted to send to said user and a group of senders prohibited from sending to said user.
Another embodiment of the invention relates to a method of establishing a private multicast by creating a private/public key encryption pair; distributing private keys to authorized participants in the multicast; obtaining a private multicast address; and installing the public key for the multicast on a domain name server or on a certification authority.
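The join-request check described in the summary above and in the join-request and private-multicast-establishment embodiments, as an added Go example that is not part of the patent: the address-space split, the key registry standing in for the domain name server or certification authority, the participant's join request carrying clear "first information" (user identification plus a random key) and a proof made with the group's private key, and the routing element's consistency check. The private subspace prefix (239.192.0.0/16) and an Ed25519 signature in place of "encrypt with the private key, decrypt with the public key" are assumptions of this example.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"net"
)
// Constructed assumption: the private multicast subspace is 239.192.0.0/16 (the patent fixes no prefix).
var _, privateSubspace, _ = net.ParseCIDR("239.192.0.0/16")

// keyRegistry stands in for the DNS server / certification authority holding each private group's public key.
type keyRegistry map[string]ed25519.PublicKey

// JoinRequest carries the clear "first information" and the proof made with the group's private key.
type JoinRequest struct {
	Group     net.IP
	UserID    string
	RandomKey []byte
	Proof     []byte // Ed25519 signature over the clear fields; stands in for "encrypt with private key"
}

func joinPayload(userID string, randomKey []byte) []byte {
	return fmt.Appendf(nil, "%q|%x", userID, randomKey) // canonical encoding both sides compute
}

// NewJoinRequest is what an authorized participant (holder of the distributed private key) sends.
func NewJoinRequest(group net.IP, userID string, priv ed25519.PrivateKey) JoinRequest {
	rk := make([]byte, 8)
	rand.Read(rk) // crypto/rand.Read does not fail on supported platforms
	return JoinRequest{Group: group, UserID: userID, RandomKey: rk,
		Proof: ed25519.Sign(priv, joinPayload(userID, rk))}
}

// CheckJoin is the routing element's decision: public groups pass unchecked; a private group needs a registered key and a proof consistent with the clear fields.
func CheckJoin(reg keyRegistry, req JoinRequest) error {
	if !privateSubspace.Contains(req.Group) {
		return nil
	}
	pub, ok := reg[req.Group.String()]
	if !ok || !ed25519.Verify(pub, joinPayload(req.UserID, req.RandomKey), req.Proof) {
		return fmt.Errorf("join to %s rejected: no registered key or proof does not match clear information", req.Group)
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	reg := keyRegistry{"239.192.1.1": pub}
	fmt.Println(CheckJoin(reg, NewJoinRequest(net.ParseIP("239.192.1.1"), "alice", priv)))
}
```

A routing element that passes this check would then forward the join toward the source; a failed check stops the join at this hop, which is what keeps an interloper from pulling private traffic onto its link.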
Other embodiments of the invention relate to computer program products for carrying out the techniques described.
The foregoing and other features, aspects and advantages of the present invention will become more apparent from the following detailed description of the present invention when taken in conjunction with the accompanying drawings and Appendices A and B of this specification.